Our Cyber Dictionary

Stay connected with the developing world of technology and the terminologies that you may be unfamiliar with. The following is a small but ever-growing list of definitions relating to the topic of cybercrime:

AI-Generated: refers to anything produced by machine learning or predictive software, most generally

Air Tags: Used to track bags etc but can be used to track a person

Blackmail: Act of coercion using the threat of revealing or publicizing either substantially true or false information about a person or people unless certain demands are met

Coincidence Scam - A SMS message or email that coincidentally arrives after someone had ordered something online stating that there is an error with the order and to click a link and “login” to remedy it.

Doxxing/Doxing: publication of a person’s identifying or private information (e.g., address, financial information, etc.)

Deep-Fake: Using technology to superimpose someone else’s face onto another person’s body. Can also be used to fake someone’s voice.

Deep-Fake Nudes: Using technology to “remove” a person’s clothing in a photo, making a “nude” photo

Encryption: Process of converting information into code to keep it safe from unauthorized access

EULA: End User License Agreement: usually spell out what you are allowed to do and what you are not allowed to do with the service or product you are signing for

Function Creep: occurs when information is used for a purpose that is not the original specified purpose. For example, a workplace may install a security system that requires employees to sign-in or sign-out of the workplace. The purpose of the security system is to prevent unauthorized access to a particular workplace. However, organizations may end up using this information about individual employees to track employee attendance

Geotagging: geographical identification metadata attached to various media such as a photograph or video, websites, SMS messages, QR Codes or RSS feeds and is a form of geospatial metadata

Internet of Things [IoT]: generally refers to devices or technology that are connected to a network, whether over the internet or locally. Most IoTs were designed to make life more convenient, such as using voice-activation to play music from speakers. However, security is often an overlooked feature, and companies have started exploiting IoTs to collect more personal data from their users

Location Services: pictures that you take will be geotagged, meaning the date, time and even location will be saved onto the photo. With location services enabled, your phone will track where you go and could send your information to an unauthorized third party

Phishing: scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware

Privacy: protection of personal information and the right of individuals to control and manage their data. It involves ensuring that sensitive data, such as personal details, financial information, and communication, is handled securely and used only in ways that are agreed upon by the individuals involved

Privacy Data Subject Requests: can be submitted to a company / agency by users or individuals to find out what information has been collected and stored about them or to ask that certain actions be taken with their data

Privacy Policy: detail what information the service/company will take from you and what they do with it

QR Code Scams - Bad actors put QR codes that lead to malware infected websites on posters or advertisements, or they cover legitimate QR codes with their fake QR codes.

Ransomware: type of cryptovirological malware that permanently blocks access to the victim's personal data unless a ransom is paid

Revenge Porn: distribution of sexually explicit images or videos of individuals without their consent

Romance Scams: scammers strike up a relationship with you to build up trust, sometimes talking or chatting several times a day. Then, they make up a story and ask for money

Scam: broadly defined as an attempt to defraud an individual by gaining their trust and exploiting it

Sextortion: a form of blackmail where predators threaten to publicly release a victim's sexual content if the person does not provide money or more intimate images or video

Smishing: a combination of “SMS” and “phishing.” In a smishing attack, cybercriminals send deceptive text messages to lure victims into sharing personal or financial information, clicking on malicious links, or downloading harmful software or applications

Spear Phishing: phishing which focuses on specific individuals or organizations, often using deceptive emails as the primary method

ToS: Terms of Service; usually an alternative to EULA

Sim Swapping: a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone